package alex.deploy.authority;

import org.springframework.boot.autoconfigure.security.SecurityProperties;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;

/**
 * Created by lushun.chen on 2017/4/26.
 *
 * @author lushun.chen
 */
@Configuration
@EnableWebSecurity
@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    private String[] whiteTradeWebUrls = new String[]{"/jsondoc", "/jsondoc-ui.html", "**/*.css", "/webjars/**", "**/*.js", "**/*.map", "*.html,", "/healthchecking"};
    public String[] whiteUrls = new String[]{"/login/**", "/webjars/**", "**/static/**", "/static/css/**", "/static/images/**", "/static/js/**", "/jsondoc", "/jsondoc-ui.html", "**/*.css", "/webjars/**", "**/*.js", "**/*.map", "*.html"};


    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                .antMatchers("/images/**", "/checkcode", "/scripts/**", "/styles/**").permitAll()
                .antMatchers(whiteUrls).permitAll().antMatchers("*").permitAll();
    }

//    public void configure(WebSecurity web) throws Exception {
//        web.ignoring().antMatchers(whiteTradeWebUrls).antMatchers(whiteUrls);;
//    }
}
